LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 06-14-2013, 02:44 PM   #1
Dodosaur
LQ Newbie
 
Registered: Jun 2013
Posts: 8

Rep: Reputation: Disabled
X11 Forwarding Twice


I have a Unix server unconnected to the internet, we'll call it the server. I have a Linux running RedHat connected to the Unix server through a network switch, we'll call it machine1. I now have a VirtualBox running Fedora, we'll call it machine2.

The Unix (server) shell is tsch, both the RedHat and Fedora (machine1 and machine2) shells are bash.

I can use "ssh -Y" to connect from machine2 to machine1 and display graphics. I can use "ssh -Y" or telnet to connect from machine1 to the server. However, when I use "ssh -Y" from machine1 to the server I don't have a DISPLAY environment variable on the server; I have to set it myself. If I set it to the IP address of machine1 (the IP address of machine1 on the network switch), I can display graphics on machine1.

However, when I connect from machine2 to machine1 through "ssh -Y machine1," then from the remotely logged in machine1 to the server with either SSH or telnet, I'm unable to display graphics. I tried setting the DISPLAY variable to the IP address (from the network switch) of machine1, which didn't work (let's call this IP address 192.168.x.x). I tried setting it to the IP address of machine2, which didn't work either, which makes sense as the server isn't connected to the internet. When I try to set it to "localhost:10.0," whenever I call something (like xterm), it pauses for a second then says that it can't connect to localhost:10.0.

Since machine1's DISPLAY variable after SSHing is "localhost:10.0" I thought it should work. Then I thought maybe I should set it the IP address of the network switch of machine1, except set it to port 10 instead of 0 (e.g. setenv DISPLAY 192.168.x.x:10.0), and this didn't work either.

Does anyone know what's wrong? The Unix server is very old and I'm afraid that's what's causing the problem; I doubt I'd be able to fix it because all the ways I know how to open ports and ensure X11 forwarding is on doesn't work on such an old machine. HOWEVER, remember that machine1 can get graphics from the Unix server through either SSH or telnet; the caveat is that you have to set the DISPLAY variable by hand when connecting with SSH.
 
Old 06-14-2013, 03:48 PM   #2
cliffordw
Member
 
Registered: Jan 2012
Location: South Africa
Posts: 509

Rep: Reputation: 203Reputation: 203Reputation: 203
Hi there,

What Unix flavour are you running on the server?

You shouldn't set the DISPLAY when using ssh X11 forwarding (ssh -X or ssh -Y). Have you tried testing your graphics without setting DISPLAY (by running something like xclock for example)?

Have a look at the X11Forwarding settings in sshd_config on all the machines in your chain - this is disabled by default on may machines.

Regards,

Clifford
 
Old 06-14-2013, 03:53 PM   #3
Dodosaur
LQ Newbie
 
Registered: Jun 2013
Posts: 8

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by cliffordw View Post
Hi there,

What Unix flavour are you running on the server?

You shouldn't set the DISPLAY when using ssh X11 forwarding (ssh -X or ssh -Y). Have you tried testing your graphics without setting DISPLAY (by running something like xclock for example)?

Have a look at the X11Forwarding settings in sshd_config on all the machines in your chain - this is disabled by default on may machines.

Regards,

Clifford
I don't have the Unix flavor name on me right now, unfortunately. And I know the DISPLAY should be automatically set when SSHing. I have tried testing graphics without setting the DISPLAY - it complains that there is no DISPLAY variable set.

For some reason I can't find the sshd_config file anywhere on the computer. Is there a way to trace it from the sshd process?
 
Old 06-14-2013, 04:01 PM   #4
cliffordw
Member
 
Registered: Jan 2012
Location: South Africa
Posts: 509

Rep: Reputation: 203Reputation: 203Reputation: 203
For the unix flavour, try running "uname -a".

For sshd_config, the most common locations are /etc/ssh/sshd_config, /usr/local/etc/ssh/sshd_config or /usr/local/etc/sshd_config. Can you tell where the ssh and sshd commands are located? This could help find the config file - cd to one directory up from there, and run "find . -type f -name sshd_config".
 
Old 06-14-2013, 04:04 PM   #5
cliffordw
Member
 
Registered: Jan 2012
Location: South Africa
Posts: 509

Rep: Reputation: 203Reputation: 203Reputation: 203
BTW, I tried this, and get error messages along the lines of "Error: Can't open display: " when the forwarding isn't working correctly.
 
Old 06-14-2013, 04:17 PM   #6
Dodosaur
LQ Newbie
 
Registered: Jun 2013
Posts: 8

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by cliffordw View Post
BTW, I tried this, and get error messages along the lines of "Error: Can't open display: " when the forwarding isn't working correctly.
That is exactly the error message I get. I'm guessing then that forwarding isn't working correctly on the Unix side.

Time to dig for the config file, as last time I checked they weren't in either location.

EDIT: Could it also be a closed port problem? I thought ports didn't really matter on a network switch but I could be wrong.
 
Old 06-14-2013, 04:22 PM   #7
cliffordw
Member
 
Registered: Jan 2012
Location: South Africa
Posts: 509

Rep: Reputation: 203Reputation: 203Reputation: 203
Quote:
Originally Posted by Dodosaur View Post
Could it also be a closed port problem? I thought ports didn't really matter on a network switch but I could be wrong.
The switch is unlikely to be blocking ports, although the hosts on either side could be. As far as I understand this, the X11 traffic is tunneled via the ssh connection, so if ssh is working, so should X11 - no other ports need to be open.

---------- Post added 2013-06-14 at 22:23 ----------

If you can't get this working, an alternate approach might be to install a VNC server on the Unix server, and connecting to it via an SSH tunnel.
 
Old 06-14-2013, 04:30 PM   #8
Dodosaur
LQ Newbie
 
Registered: Jun 2013
Posts: 8

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by cliffordw View Post
The switch is unlikely to be blocking ports, although the hosts on either side could be. As far as I understand this, the X11 traffic is tunneled via the ssh connection, so if ssh is working, so should X11 - no other ports need to be open.

---------- Post added 2013-06-14 at 22:23 ----------

If you can't get this working, an alternate approach might be to install a VNC server on the Unix server, and connecting to it via an SSH tunnel.
I thought about doing something like that, but installing anything on the Unix is a pain as it doesn't have an internet connection.

I'll try configuring SSH correctly next time I have access to the computer, thanks for all of your help.
 
Old 06-14-2013, 09:16 PM   #9
Dodosaur
LQ Newbie
 
Registered: Jun 2013
Posts: 8

Original Poster
Rep: Reputation: Disabled
Alright, so everything is configured correctly (I found the files in /usr/local/etc) but nothing is working still. I'm sure X11 Forwarding is enabled on both sides.

Since the computer is old I also tried it with X11UseLocalhost yes on the Unix server's sshd_config file but this didn't work either.

Last edited by Dodosaur; 06-14-2013 at 09:19 PM.
 
Old 06-14-2013, 11:12 PM   #10
Dodosaur
LQ Newbie
 
Registered: Jun 2013
Posts: 8

Original Poster
Rep: Reputation: Disabled
Alright, time for some closure (sorry for posting three times in a row, I just feel that this warrants a separate post).

For some reason, whoever last configured this computer had different config files for different users (although he only enabled X11 forwarding on them). Another problem was that sshd couldn't find the RSA and DSA keys for the user I wanted to connect to after I pointed sshd back to the original sshd_config file for the user I wanted to SSH into, and I had to use ssh-keygen to regenerate those as well as fix the issue on the clientside (new RSA keys = security warning).

I restarted after each change (because I didn't know which one would work) and after those steps it started working.

For those getting here through Google, big problems were: old version of SSH, old machine, and bad initial configuration.

Thank you cliffordw, you've been a great help!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
X11 Forwarding with -X and -Y. echipbk Linux - General 2 02-11-2013 09:32 PM
X11 forwarding BigNate Linux - Software 16 06-21-2011 02:39 AM
X11 Forwarding Oxagast Linux - Software 1 09-02-2008 04:14 AM
X11 Forwarding BlueTornJacket Linux - Server 11 03-12-2007 06:00 PM
X11 forwarding JanDeMan Mandriva 1 04-17-2004 10:02 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 04:57 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration